Hackers slacking? Fewer losses from crypto hacks and fraud in Q3


Losses from hacks in the crypto industry decreased by 38% in the third quarter of this year compared to Q3 of 2023, while losses from fraud dropped by 86%, according to data from Immunefi.

A total of $410 million was lost to hacks across 31 specific incidents, while $3 million was lost to fraud across three incidents, the Web3 bug bounty platform revealed in its recent report.

WazirX, India’s leading domestic crypto exchange, suffered the biggest loss, which lost over $230 million to a hack. Meanwhile, BingX, a Singapore-based crypto exchange, lost $52 million.

ADVERTISEMENT
crypto losses q3
Source: Immunefi

According to the report's authors, with almost $90 billion in capital locked across Web3 protocols as of September 2024, the space remains an attractive target for hackers.

“We’re seeing a higher number of incidents targeting DeFi [decentralized finance], while CeFi [centralized finance] experiences fewer incidents but often with more severe consequences, with hundreds of millions in stolen funds in a single exploit,” commented Mitchell Amador, Founder and CEO of Immunefi.

He added that in CeFi, the biggest infrastructural issue is private key management. While essential for maintaining the self-custody of crypto assets, it is not typically subject to security audits.

“It requires rigorous key management policies, practices, and emergency plans,” Amador stressed.

The report also found that nearly $15 million in stolen funds has been recovered in two cases, representing about 4% of total losses in Q3 2024. However, this recovery rate is lower than the previous period, when nearly 9% of losses were recovered.

Additionally, the number of individual successful attacks dropped by 54% to 34 in the past quarter. Projects on the Ethereum (ETH) blockchain suffered the most individual attacks, with 15 incidents, followed by Binance’s BNB Chain with eight incidents, and Base, developed by Coinbase, with two incidents.

ADVERTISEMENT